IT Audit Basics: What Every IT Auditor Should Know About Access Controls (English)
In: INFORMATION SYSTEMS CONTROL JOURNAL ; 4 ; 11-16 ; 2008
- Title: IT Audit Basics: What Every IT Auditor Should Know About Access Controls
- Contributors: Singleton, T.W. (author)
- Published in: INFORMATION SYSTEMS CONTROL JOURNAL ; 4 ; 11-16
- Publisher: INFORMATION SYSTEMS AUDIT AND CONTROL ASSOCIATION
- Publication date: 2008-01-01
- Size: 6 pages
- Type of media: Article (Journal)
- Type of material: Print
- Language: English
- Classification: DDC: 657.4550285
- Source: © Metadata Copyright the British Library Board and other contributors. All rights reserved.
Table of contents – Volume 4
The tables of contents are generated automatically and are based on the data records of the individual contributions available in the index of the TIB portal. The display of the Tables of Contents may therefore be incomplete.
- 3
-
Information Security Matters: The Triangulated PendulumRoss, Steven J et al. | 2011
- 4
-
Information Security Matters: Boston, Berlin, Baghdad and Bora BoraRoss, Steven J et al. | 2010
- 4
-
Information Security Matters: Just PrivacyRoss, Steven J et al. | 2013
- 4
-
Information Security Matters: Bear AcceptanceRoss, Steven J et al. | 2014
- 4
-
Guest Editorial: From Continuous Auditing to Continuous Monitoring — You Should Be the ChampionCangemi, Michael P et al. | 2012
- 5
-
Guest Editorial: A Rogue Trader Strikes Again!Sarup, Deepak et al. | 2008
- 5
-
Taking A Look Back: Are We Really Doing Enough? The Current State of Computer Auditing - Excerpted and reprinted from The EDP Auditor Journal, volume IV, 1991| 2009
- 5
-
Issues & Comments Editor in Chief Michael Cangemi, CISA, CPA, discusses an Internet security policy forum, at which he spoke along with others from the industry and government, including Dr. Condoleezza Rice, US President George W. Bush's national security advisor. The forum's goal was to elevate computer security interest to the highest-level agendas of senior corporate management| 2001
- 5
-
Editorial - Issues & Comments - Editor-in-Chief Michael P Cangemi, CISA, CPA presents the ideas that came out of the Critical Infrastructure Assurance Summit in Washington DC and the results of the PricewaterhouseCoopers Technology ForecastCangemi, Michael P. et al. | 2000
- 5
-
Editorial - Issues & CommentsCangemi, Michael et al. | 2005
- 5
-
Editorial - Issues & Comments - Editor in Chief Michael Cangemi, CISA, CPA, discusses an Internet security policy forum, at which he spoke along with others from the industry and government, including Dr. Condoleezza Rice, US President George W. Bush's national security advisor. The forum's goal was to elevate computer security interest to the highest-level agendas of senior corporate management.Cangemi, Michael et al. | 2001
- 5
-
Editorial - Issues & Comments - Editor in Chief Michael Cangemi, CISA, CPA, highlights the importance of improving credibility of financial reporting. He also discusses the double-edged sword of customer relationship management.Cangemi, Michael et al. | 2002
- 5
-
IS Security Matters: Compliance and BeyondRoss, Steven J. et al. | 2007
- 6
-
Guest Editorial: Where Have All the Control Objectives Gone? They Have Picked Them Every One...Guldentops, Erik et al. | 2011
- 6
-
Guest Editorial: Managing IT Governance Through Market TurbulenceZarrella, Edge et al. | 2009
- 6
-
IS Audit Basics: What Every IT Auditor Should Know About Using Inquiry to Gather EvidenceSingleton, Tommie et al. | 2013
- 7
-
IT Audit Basics: Top Five Fraud Axioms IT Auditors Should KnowSingleton, Tommie W et al. | 2010
- 7
-
Cloud Computing: Trial by Fire in Cloud Development Pays DividendsMyers, Tim et al. | 2014
- 8
-
IS Security Matters: The Right QuestionRoss, Steven J. et al. | 2005
- 8
-
IS Security Matters - Identity ArchitectureRoss, Steven J. et al. | 2003
- 8
-
Identity ArchitectureRoss, S. J. et al. | 2003
- 8
-
Book Review - e-Commerce Security: Trading Partner Identification, Registration and Enrollment - This technical reference guide lives up to its intended purpose, which is to provide "information system security, control and audit practitioners with a concise guidebook of specific technologies, procedures, protocols and best practices relating to secure Internet-enabled e-commerce."Kinczkowski, Linda M. et al. | 2002
- 8
-
e-Commerce Security: Trading Partner Identification, Registration and EnrollmentKinczkowski, L. M. et al. | 2002
- 8
-
Information Security Matters: Keynes, Shelley, Taleb and WattsRoss, Steven J et al. | 2012
- 9
-
Mail Call IIRoss, S. J. et al. | 2004
- 9
-
IS Security Matters: Managing Information CrisesRoss, Steven J. et al. | 2008
- 9
-
IS Security Matters - Steve Ross, CISA, considers privacy and the predictions of dire consequences related to the advance of technology and the growth of the Internet. He counters these predictions by presenting how market forces currently keep violations of privacy under controlRoss, Steve et al. | 2000
- 9
-
Book Review - Claves Para El Gobierno de los Systemas de Informacion - The notes on this book present how the authors integrate information on controls, contingency planning, process improvement, human resources management, legal restrictions in organizations and the COBIT(R) framework.Tello, Johann et al. | 2001
- 9
-
Claves Para El Gobierno de los Systemas de Informacion, comments: The notes on this book present how the authors integrate information on controls, contingency planning, process improvement, human resources management, legal restrictions in organizations and the COBIT(R) framework.Tello, J. et al. | 2001
- 9
-
IS Security Matters: Let's Go, VetsRoss, Steven J. et al. | 2009
- 9
-
IS Audit Basics: Beyond the IT in IT Audit (Part 2)Singleton, Tommie et al. | 2014
- 9
-
IS Security Matters - Mail Call IIRoss, Steven J. et al. | 2004
- 9
-
IT Audit Basics: Emerging Technical Standards on Financial Audits: How IT Auditors Gather Evidence to Evaluate Internal ControlsSingleton, Tommie et al. | 2007
- 10
-
IS Security Matters - Mail Call - Steven J. Ross, CISA, responds to mail he received in response to previous columns on topics including the value of international standards, virtual private infrastructures and the tragedies of 11 September 2001.Ross, Steven J. et al. | 2002
- 10
-
Five Questions With...Stanek, William R et al. | 2010
- 10
-
Cloud Computing: Securing Hybrid Cloud ApplicationsSweet, Carson et al. | 2012
- 11
-
IT Audit Basics: Audit Concerns: Looking at ERP Application Integration and Implementation IssuesGallegos, Fred et al. | 2006
- 11
-
Penetrating Questions Steven J. Ross discusses society's glorification of the hacker, the difference between a penetration tester and a criminal-the skills are the same, it is just a difference in application and integrity, and the importance of penetration testers| 2001
- 11
-
e-Commerce Security-Business Continuity PlanningKinczkowski, L. M. et al. | 2003
- 11
-
Book Reviews - Financial Information Systems Manual 1999 Edition - An overview of the 1999 edition of this manual, which covers the requirements, design, implementation and management of financial information systemsEmani, Sarathy et al. | 2000
- 11
-
IS Security Matters - Penetrating Questions - Steven J Ross discusses society's glorification of the hacker, the difference between a penetration tester and a criminal -- The skills are the same, it is just a difference in application and integrity, and the importance of penetration testers.Ross, Steven J. et al. | 2001
- 11
-
IT Audit Basics: What Every IT Auditor Should Know About Access ControlsSingleton, Tommie W. et al. | 2008
- 11
-
Cloud Computing: Cloud Computing Risk Assessment: A Case StudyGadia, Sailesh et al. | 2011
- 11
-
Financial Information Systems Manual 1999 EditionEmani, S. et al. | 2000
- 11
-
Book Review - e-Commerce Security -- Business Continuity PlanningKinczkowski, Linda M. et al. | 2003
- 12
-
The NetworkStroud, Robert E et al. | 2014
- 12
-
IT Audit Basics: What Every IT Auditor Should Know About Scoping an IT AuditSingleton, Tommie W. et al. | 2009
- 12
-
Risk and Compliance — For Better or Worse?George, Torsten et al. | 2013
- 12
-
Health Care Reform Legislation Survival Guide, Part 1Buse, Christopher P et al. | 2010
- 13
-
Asking the Right Questions for IT Governance Erik Guldentops, CISA, presents a view of the importance of and need for corporate governance regulations and standards for overall enterprise governance. He notes that while it is not the most efficient IT governance process, asking the tough questions is an effective way to get started. To this effect, he provides a list of questions to help an organization begin| 2001
- 13
-
Auditing: A Risk Analysis Approach, 5th Edition-By Larry F. KonrathBettex, E. J. et al. | 2003
- 13
-
IT Governance: Outsourcing IT Governance to Deliver Business ValueBlecher, Max et al. | 2007
- 13
-
Network Intrusion Detection - An Analyst's HandbookWhittaker, J. et al. | 2000
- 13
-
Standards and guidelines for maintaining compliance for ISACA™ membership and the CISA® designation are outlined and the status of ISACA issuances noted| 2002
- 13
-
Book Review - Auditing: A Risk Analysis Approach, 5th EditionKonrath, Larry F. et al. | 2003
- 13
-
Corporate GovernanceSel, M. et al. | 2004
- 13
-
IT Governance - Corporate GovernanceSel, Marc et al. | 2004
- 13
-
IT Audit Basics: Auditing Applications, Part 2Singleton, Tommie W et al. | 2012
- 13
-
Standards, Statements, Guidelines - Standards and guidelines for maintaining compliance for ISACA™ membership and the CISA(R) designation are outlined and the status of ISACA issuances noted.| 2002
- 13
-
IT Governance - Asking the Right Questions for IT Governance - Erik Guldentops, CISA, presents a view of the importance of and need for corporate governance regulations and standards for overall enterprise governance. He notes that while it is not the most efficient IT governance process, asking the tough questions is an effective way to get started. To this effect, he provides a list of questions to help an organization begin.Guldentops, Erik et al. | 2001
- 13
-
Book Reviews - Network Intrusion Detection -- An Analyst's Handbook - A look at a book which enables anyone to understand and take part in network intrusion detection workWhittaker, James et al. | 2000
- 14
-
Ethical Hacking: The Next Level or the Game Is Not Over?Polic, Viktor et al. | 2014
- 15
-
Commentary - Maturity Measurement -- First the Purpose, Then the MethodGuldentops, Erik et al. | 2003
- 15
-
Auditing Security and Privacy in ERP ApplicationsSayana, S. A. et al. | 2004
- 15
-
Maturity Measurement-First the Purpose, Then the MethodGuldentops, E. et al. | 2003
- 15
-
IT Audit Basics - Auditing Security and Privacy in ERP ApplicationsSayana, S.Anantha et al. | 2004
- 15
-
Case Study - Kennametal Uses ACL as Its Best Practices Tool - Security and data integrity are major issues when moving from legacy systems to new enterprise management systems. Holly McMunn, CPA, CIA, the manager of internal audit at Kennametal, describes their use of ACL for Windows during post-implementation audits of SAPMcMunn, Holly et al. | 2000
- 15
-
Knowing the Environment: Top Five IT issuesGuldentops, E. et al. | 2002
- 15
-
Kennametal Uses ACL as Its Best Practices ToolMcMunn, H. et al. | 2000
- 15
-
IT Governance - Knowing the Environment: Top Five IT Issues - Erik Guldentops, CISA, discusses the most pressing IT issues of the day. The list, developed by the IT Governance Institute, views the important IT issues to be governance-related, not technology-related.Guldentops, Erik et al. | 2002
- 16
-
Fraud Examination & Prevention By W. Steve Albrecht and Chad O. AlbrechtFelker, M. et al. | 2007
- 16
-
Book Review: Fraud Examination & PreventionAlbrecht, W.Steve et al. | 2007
- 16
-
Man in the Browser — A Threat to Online BankingSule, Dauda et al. | 2013
- 16
-
Standards, Statements, Guidelines - ISACA(R) Member and Certification Holder Compliance| 2008
- 17
-
Leveraging Metrics for Business Innovation ((Part of the article not published in ASCI))Delmar, Yo et al. | 2014
- 17
-
Book Review: Enterprise Information Security and PrivacyEmani, Sarathy B S P et al. | 2010
- 17
-
IT Audit Basics - The Audit Report and Follow-up: Methods and Techniques for Communicating Audit Findings and Recommendations - Fred Gallegos, CISA, CGFM, CDE, discusses the audit report, the key deliverable for the audit. He breaks down the methods and techniques for assessing the audit as well as the auditor and for communicating audit findings and recommendations.Gallegos, Fred et al. | 2002
- 17
-
IT Governance: A Road Map for Regulatory ComplianceAnnaswamy, Subramanian et al. | 2009
- 17
-
Perspective - How to Audit Customer Relationship Management (CRM) Implementations - While acknowledging the importance of CRM technology, the author discusses the importance of evaluating CRM implementations, arguing that not all attempts at CRM are successful. She provides a list of steps to conduct a straightforward audit of CRM implementations.Balcazar, Priscila et al. | 2001
- 17
-
IT Value: Five Steps to Introducing Val IT: Applying Val IT to Introduce or Improve Value Management in an EnterpriseHarries, Sarah et al. | 2008
- 17
-
How to Audit Customer Relationship Management (CRM) Implementations While acknowledging the importance of CRM technology, the author discusses the importance of evaluating CRM implementations, arguing that not all attempts at CRM are successful. She provides a list of steps to conduct a straightforward audit of CRM implementationsBalcazar, P. et al. | 2001
- 17
-
The Audit Report and Follow-up: Methods and Techniques for Communicating Audit Findings and RecommendationsGallegos, F. et al. | 2002
- 17
-
IT Audit Basics: IT Risks — Present and FutureSingleton, Tommie W et al. | 2011
- 18
-
IT Governance: Linking Business Goals to IT Goals and COBIT ProcessesGrembergen, Wim Van et al. | 2006
- 18
-
ISACA® Member and Certification Holder Compliance| 2004
- 18
-
Book Review: Computer and Information Security HandbookKarin, Horst et al. | 2010
- 19
-
Book Review: The IBM Data Governance Unified Process: Driving Business Value With IBM Software and Best PracticesMunongwa, Bright et al. | 2012
- 19
-
Why Rein in Linux?Norris, R. C. et al. | 2000
- 19
-
Navigating the Path From Information Security Practitioner to ProfessionalAnderson, Kerry et al. | 2013
- 19
-
Commentary - Security and Regulatory Compliance: A Quantitative Risk Management ApproachDrake, Art et al. | 2004
- 19
-
Security and Regulatory Compliance: A Quantitative Risk Management ApproachDrake, A. / Jeschke, J. et al. | 2004
- 19
-
Applying Data Analytics to IS AuditHoesing, Michael et al. | 2010
- 19
-
Perspectives - Why Rein in Linux? - Underneath all the hype, sometimes it's hard to answer the question: What is Linux? The author gives a compact explanation of the history and development of Linux, compares and contrasts several versions of it, reviews uses for it, discusses tools for controlling it and relates his own experiences in installing itNorris Jr, Robert C. et al. | 2000
- 20
-
IT Value: Portfolio Management -- Unlocking the Value of IT InvestmentsAtaya, Georges et al. | 2007
- 20
-
Everybody Loves DocumentationBellehumeur, Adrienne et al. | 2012
- 21
-
Book Review: Security Information and Event Management ImplementationCano, Jeimy J et al. | 2011
- 21
-
Enabling the Strategy-focused IT OrganizationGold, R. S. et al. | 2002
- 21
-
Enabling the Strategy-focused IT Organization - IT often focuses on reducing cost and keeping systems running, while the business needs IT to emphasize value creation. To move beyond merely proving their competence, IT managers are using the balanced scorecard management framework.Gold, Robert S. et al. | 2002
- 21
-
The Costs of Not Securing Personally Identifiable DaWright, Benjamin et al. | 2004
- 21
-
The Costs of Not Securing Personally Identifiable DataWright, B. et al. | 2004
- 21
-
Coordinating IT Governance-A New Role for IT Strategy CommitteesHardy, G. et al. | 2003
- 21
-
IT Governance - Coordinating IT Governance -- A New Role for IT Strategy CommitteesHardy, Gary et al. | 2003
- 22
-
IT Governance: New Framework for Enterprise Risk Management in ITFischer, Urs et al. | 2008
- 22
-
Book Review: Hacking Exposed Web Applications: Web Application Security Secrets and Solutions, 3rd EditionSpinelli, Connie et al. | 2011
- 22
-
Align Business Initiatives and IT SolutionsMiyagi, Ikumi et al. | 2014
- 22
-
Managing Multiple Medium- and Small-scale Projects in Large IT OrganizationsSwaroop, Shankar et al. | 2007
- 23
-
Information Security Management for GovernmentsRaj Kumar, Krishna et al. | 2011
- 23
-
The Importance of the ARAGoldberg, Danny M et al. | 2012
- 23
-
Fraude o ErrorSantiago, Fidel et al. | 2009
- 23
-
Virtual Private Network (VPN): Audit Approach Based on Standard SDLC ConceptsLedesma, Cristina et al. | 2004
- 23
-
Synthesizing SAS 70 Audits and PMI's Project Management Process GroupsBell III, Thomas J et al. | 2010
- 24
-
Global PerspectivesCano, Jeimy J. et al. | 2006
- 24
-
Key Elements of an Information Risk ProfilePironti, John P et al. | 2013
- 25
-
Book Review: Securing Converged IP NetworksParmar, Kamal et al. | 2008
- 25
-
IT Governance: IT Audit RoleGallegos, F. et al. | 2003
- 25
-
Implementing ISO17799: Pleasure or Pain?Thorp, Carl et al. | 2004
- 25
-
E-mail Records and Knowledge Management: The Hidden RiskWilkins, A. et al. | 2002
- 25
-
Book Review: Governance, Risk and Compliance Handbook: Technology, Finance, Environmental, and International Guidance and Best PracticesRafeq, A. et al. | 2009
- 25
-
E-mail Records and Knowledge Management: The Hidden Risk - E-mail records can provide important clues and knowledge about how decisions are made and the time frame in which they were made. The fact that the management of electronic information too often lies below the radar screens means that the storage and archiving of e-mail has not been given the priority it deserves.Wilkins, Adam et al. | 2002
- 25
-
IT Audit Basics - IT Governance: IT Audit RoleGallegos, Frederick et al. | 2003
- 26
-
Seven Myths of Information GovernanceRaval, Vasant et al. | 2012
- 26
-
Book Review: Implementing the ISO-IEC 27001 — Information Security Management System StandardKanhere, Vishnu et al. | 2009
- 26
-
Book Review: Business Continuity and Disaster Recovery for IT ProfessionalsNedelchev, Naiden et al. | 2008
- 27
-
Systems Development Advice in a Web-enabled WorldKumar Agarwala, Sanjiv et al. | 2004
- 27
-
Perspectives - IT Governance Roundtable -- Sponsored by the IT Governance Institute - A summary of the roundtable discussion which occurred on 27 March 2000 at the Euro CACS 2000 in Oslo, NorwayPenri-Williams, Hugh et al. | 2000
- 27
-
Standards, Statements, Guidelines ISACA® Member and Certification Holder Compliance| 2009
- 27
-
IT Governance RoundtablePenri-Williams, H. et al. | 2000
- 28
-
Effect of Third Parties on an Organization's IT ControlsISACA Standards Board et al. | 2002
- 28
-
Optimizing an Organization's Security Effectiveness by Using Vulnerability Management to Support the Audit FunctionBunker, Eva et al. | 2003
- 28
-
Book Review: Balanced Scorecard Step-by-step: Maximizing Performance and Maintaining Results, 2nd EditionFuente, Reynaldo J.de la et al. | 2008
- 28
-
Information Technology Control and Audit, 2nd Edition By Frederick Gallegos, Sandra Senft, D.P. Manson and C. GonzalesKanhere, V. et al. | 2005
- 28
-
Planning for and Implementing ISO 27001Pelnekar, Charu et al. | 2011
- 28
-
Book Review: Information Technology Control and Audit, 2nd Edition By Frederick Gallegos, Sandra Senft, D.P. Manson and C. GonzalesKanhere, V. et al. | 2006
- 28
-
Perspective - The Many Faces of SAP Connectivity in E-Commerce - The author examines how SAP fits into the collaborative business relationship process and discusses the changing face of SAP in the e-commerce world. He argues that companies that miss the application integration with the web will not remain competitive.Johnson, Robert et al. | 2001
- 28
-
Effect of Third Parties on an Organization's IT Controls - The concept of outsourcing has been around for years. However, in recent years, there has been a marked increase in the use of third-party service providers. The impact that third parties have on an organization can vary dramatically - ISACA Standards Board| 2002
- 28
-
Book Review: Information Technology Control and Audit, 2nd EditionGallegos, Frederick et al. | 2005
- 28
-
The Many Faces of SAP Connectivity in E-Commerce The author examines how SAP fits into the collaborative business relationship process and discusses the changing face of SAP in the e-commerce world. He argues that companies that miss the application integration with the web will not remain competitiveJohnson, R. et al. | 2001
- 29
-
Common Web Application VulnerabilitiesKennedy, Susan et al. | 2005
- 29
-
Identify, Govern and Manage IT Risk Part 1: Risk IT Based on COBIT Objectives and PrinciplesFischer, Urs et al. | 2009
- 29
-
The Business Case as an Operational Management Instrument — A Process ViewMaes, Kim et al. | 2014
- 29
-
Book Review: Fraud Casebook: Lesson From the Bad Side of BusinessKanhere, Vishnu et al. | 2008
- 29
-
What Is Your Risk Appetite?Pareek, Mukul et al. | 2013
- 29
-
Security Controls That WorkMelanon, Dwayne et al. | 2007
- 29
-
Book Review: Fraud Casebook: Lessons From the Bad Side of BusinessKanhere, V. et al. | 2008
- 31
-
Assuring Data Privacy ComplianceKenny, Steve et al. | 2004
- 31
-
Achieving Data Warehouse NirvanaReed, Christopher et al. | 2010
- 31
-
Preventing EFT FraudHumphries Jr, John E. et al. | 2003
- 31
-
A Comprehensive Method for Assessment of Operational Risk in E-bankingTanampasidis, George et al. | 2008
- 31
-
BSD - The Other Open Source Unix| 2000
- 31
-
Features - BSD -- The Other Open Source Unix - While Linux has been garnering media attention, another open source operating system has continued with its many tasks, including helping run many of the Internet's busiest sites. This article contains a brief summary of the history of BSD and its current place in the operating systems world| 2000
- 32
-
Crossword PuzzleMellor, Myles et al. | 2009
- 32
-
How to Maximize Evidential Weight of Electronically Stored InformationHamidovic, Maris et al. | 2012
- 33
-
Understanding How to Protect Web-facing Applications: Under the Covers of Requirement 6.6 of PCINair, Sushila et al. | 2009
- 33
-
Radio Frequency Identification: What Does It Mean for Auditors?Serepca, Beth et al. | 2006
- 33
-
Information Technology Auditing and Facilitated Control Self-assuranceDoughty, K. / O Driscoll, J. et al. | 2002
- 33
-
Approaches to Monitor Activities in Oracle DatabaseShi, Ying et al. | 2007
- 33
-
Your Face to the Customer: What If It Is Wrong? Managing CRM Risks To better manage the enterprise around customer interactions and to maximize the lifetime value of customer relationships, the organization must change and leverage information technology to make organizational, process, application and technology changes within their sales, marketing and customer service functions. These functions are inherently risky, because they are so visible and closely linked to customersMcLaughlin, M. / Erickson, D. S. et al. | 2001
- 33
-
Information Technology Auditing and Facilitated Control Self-assurance - This article outlines one approach used by IT auditors to provide an annual assessment of the IT&T internal control framework within an organisation. It is based on a set of internationally recognised IT service delivery and support process models called ITIL (Information Technology Infrastructure Library) and relies extensively on the use of control self-assurance (CSA) workshops facilitated by IT audit staff.Doughty, Ken et al. | 2002
- 33
-
Features - Your Face to the Customer. What If It Is Wrong? Managing CRM Risks - To better manage the enterprise around customer interactions and to maximize the lifetime value of customer relationships, the organization must change and leverage information technology to make organizational, process, application and technology changes within their sales, marketing and customer service functions. These functions are inherently risky, because they are so visible and closely linked to customers.McLaughlin, Michele et al. | 2001
- 33
-
Quantifying Information Risk and SecurityGelbstein, Ed et al. | 2013
- 34
-
Extracting Data from SAPPowers, B. J. et al. | 2000
- 34
-
Features - Extracting Data from SAP - This article focuses on explaining how computer assisted auditing tools (CAATs) can help an auditor extract data from SAP during the auditing process. The author includes a case example involving ABAP 4 Query and walks auditors through producing a query to extract dataPowers, Bernard J. et al. | 2000
- 35
-
Identity and Access ManagementMcQuaide, Bill et al. | 2003
- 35
-
Look Beyond Sarbanes-Oxley to Maximize ROI from Compliance InitiativesWelu, Tim et al. | 2004
- 36
-
MP3 Players: Today's Business ThreatOliver, Derek et al. | 2007
- 36
-
A Manager's Guide to Identity Management and Federated IdentityPang, Leslie et al. | 2005
- 36
-
Rethinking Physical Security in the Information AgeEnglish, Peter et al. | 2011
- 36
-
Adopting an Integrated Framework in Managing Fraud RisksEe, Chong et al. | 2010
- 37
-
The OCTAVE® Approach to Information Security Risk AssessmentPanda, Parthajit et al. | 2009
- 37
-
Fire Protection of Computer Rooms — Legal Obligations and Best PracticesHamidovic, Haris et al. | 2014
- 37
-
COBIT in Relation to Other International StandardsHeschl, Jimmy et al. | 2004
- 37
-
SAP Password Vulnerabilities and Access to Sensitive Business DataEspin, Jose et al. | 2012
- 38
-
Risk Management Standards: The Bigger PictureRamirez, David et al. | 2008
- 38
-
Measure and Monitor Application SecuritySubramanian, Sivarama et al. | 2011
- 39
-
Enforce Security with a Fingerprint Biometric SolutionWallhoff, John et al. | 2003
- 39
-
Readability as Lever for Employees' Compliance With Information Security PoliciesAmmann, Franz-Ernst et al. | 2013
- 39
-
IT and Shareholder Return: Creating Value in the Insurance IndustryWilliams, Paul et al. | 2007
- 39
-
Laser Check Printing-Its Effect on the Internal Control SystemGorgoglione, J. / Joseph, G. W. et al. | 2002
- 39
-
Securing Linux - Is Open Source Too Open for Its Own Good?Loshin, P. et al. | 2000
- 39
-
Laser Check Printing -- Its Effect on the Internal Control System - Laser check printing is a fast-growing technology that holds the promise of increased fraud control and reduced operating costs. This article investigates the effect of laser check printing on internal control systems.Gorgoglione, Janice et al. | 2002
- 40
-
Enhancing IT Governance With a Simplified Approach to Segregation of Duties ((Part of the article not published in ASCI))Kobelsky, Kevin et al. | 2014
- 41
-
Expectations Are High for CRM, But So Are the Challenges While some enterprises forge ahead with CRM initiatives, other companies that wait until after a crisis to implement or update CRM processes may pay a heavy toll. Higher consumer expectations require the ability to react quickly, respond thoroughly and add value to the processWard, M. et al. | 2001
- 41
-
Auditing LinuxHoesing, Michael T. et al. | 2005
- 41
-
Features - Expectations Are High for CRM, But So Are the Challenges - While some enterprises forge ahead with CRM initiatives, other companies that wait until after a crisis to implement or update CRM processes may pay a heavy toll. Higher consumer expectations require the ability to react quickly, respond thoroughly and add value to the process.Ward, Michael et al. | 2001
- 41
-
Biometrics -- Risks and ControlsDimitriadis, Christos K. et al. | 2004
- 41
-
The Assimilation of Marketing's Service Quality Principles and the IT Auditing ProcessBell III, Thomas J et al. | 2011
- 41
-
Automating Security Policy and Procedures With Workflow: How to Improve the Effectiveness of Risk Management SolutionsGodfrey, Michael et al. | 2008
- 41
-
Risk Perception and Trust in CloudFarahmand, Fariborz et al. | 2010
- 41
-
Features - Securing Linux -- Is Open Source Too Open for Its Own Good? - Although Linux can be made to be far more secure than Windows, problems can arise when inexperienced end-users install the operating system and applications inside your organizational infrastructure. Pete Loshin explains the risks and the remedies for Linux security. The article also includes sidebars on the Bastille Linux Project, OpenBSD and Linux firewallsLoshin, Pete et al. | 2000
- 42
-
The Impact of Laws and Regulations on Mobile TechnologyLewis, Barry D. et al. | 2009
- 43
-
DDoS Attacks — A Cyberthreat and Possible SolutionsKumar, Ajay et al. | 2013
- 43
-
Environment Interaction Evaluation: Building Proactive Compliance Into Technology SolutionsDeshmukh, Meera et al. | 2007
- 44
-
Protecting the Ports -- Using an Event Log Manager to Improve Network SecurityRobb, Drew et al. | 2004
- 44
-
The Auditor's Role in IT Development ProjectsHettigei, Nandasena T. et al. | 2006
- 44
-
Internal Control Issues: The Case of Changes to Information ProcessesBae, Benjamin et al. | 2003
- 44
-
Law and Best Practices for a Sarbanes-Oxley Systems ReviewMackaden, Frederick G et al. | 2014
- 44
-
Applications of Business Process Analytics and Mining for Internal ControlCaron, Filip et al. | 2012
- 45
-
Case Study: Better to Prevent Than Cure -- A New Way to Enhance IT and Business Governance CollaborationHelp, Tuulikki et al. | 2008
- 45
-
Standards and guidelines for maintaining compliance for both ISACA™ membership and the CISA designation are outlined and the status of ISACA issuances noted| 2001
- 45
-
Standards, Statements, Guidelines - Standards and guidelines for maintaining compliance for both ISACA™ membership and the CISA(R) designation are outlined and the status of ISACA issuances noted.| 2001
- 46
-
Mitigating Risky Employee Behavior During an Economic DownturnCharnock, E. et al. | 2009
- 46
-
Mitigating Risky Employee Behavior During an Economic DownturnCharnock, Elizabeth et al. | 2009
- 46
-
Features - Views on COBIT 2nd Edition Relayed Online - The summary of the COBIT 2nd Edition online survey, conducted in November and December of 1999| 2000
- 46
-
Views on COBIT 2nd Edition Relayed Online| 2000
- 46
-
Achieving Compliance With the PCI Data Security StandardWoda, Alex et al. | 2007
- 46
-
Effective Encryption Requires an Integrated SystemFarris, Greg et al. | 2004
- 47
-
Leveraging and Securing the Bring Your Own Device and Technology ApproachPriyadarshi, Gaurav et al. | 2013
- 47
-
Centralized Security Management Provides Foundation for Effective Intrusion PreventionNjemanze, Hugh S. et al. | 2003
- 47
-
Features - Manager's Guide to Enterprise Resource Planning (ERP) Systems - Over the last decade, many organizations have experienced significant changes in their core business applications. To address these many changes, a new type of software system was developed -- Enterprise resource planning (ERP) systems.Pang, Les et al. | 2001
- 47
-
Manager's Guide to Enterprise Resource Planning (ERP) Systems Over the last decade, many organizations have experienced significant changes in their core business applications. To address these many changes, a new type of software system was developed-enterprise resource planning (ERP) systemsPang, L. et al. | 2001
- 48
-
Standards, Statements, Guidelines - Procedures to maintain compliance for both ISACA membership and the CISA designation are outlined and the status of ISACA issuances is noted| 2000
- 48
-
Privacy: An Opportunity for IS Auditors?Cilli, Claudio et al. | 2005
- 49
-
Features - How To Eliminate the Ten Most Critical Internet Security Threats - This article, from the SANS Institute, details the most exploited Internet security flaws and the actions needed to rid systems of these vulnerabilities| 2000
- 49
-
The Buyer's Guide - This biannual guide provides readers with an up-to-date breakdown of the current products and companies of interest to the IS audit, control and security community.| 2002
- 49
-
Using Audit Software and the Death Master File to Catch CrooksWessmiller, Ray et al. | 2003
- 49
-
Identity Management Framework: Delivering Value for BusinessVanamali, Srinivasan et al. | 2004
- 49
-
How To Eliminate the Ten Most Critical Internet Security Threats| 2000
- 49
-
COBIT Security Baseline Applied to Business Web Applications: A Practical Approach for All Sizes of OrganisationsWatson, Colin et al. | 2009
- 49
-
Secure Software Development -- The Role of IT AuditAras, Oezlem et al. | 2008
- 50
-
Plus - CPE Quiz #71Oringel, Joey et al. | 2000
- 50
-
Conducting IS Due Diligence in a Structured Model Within a Short Period of TimeDelak, Bostjan et al. | 2014
- 50
-
Help Source Q&ASubramaniam, Gan et al. | 2011
- 51
-
Compliance Assessment of IP Networks: A Necessity TodayTalpade, Rajesh et al. | 2007
- 51
-
Enhancing Security with an IT Network Awareness CenterDriml, Scott et al. | 2003
- 52
-
The Auditor's Role in Reviewing Business Continuity PlanningMuthukrishnan, Ravi et al. | 2005
- 53
-
Biometrics: An Overview of the Technology, Challenges and Control ConsiderationsDown, Michael P. et al. | 2004
- 53
-
Justifying Investment in SecurityParmar, Kamal et al. | 2003
- 53
-
Risk and Governance Issues for ERP Enterprise Applications While ERP applications can resolve a number of control issues associated with a fragmented legacy systems environment, not surprisingly, they can introduce new risks of their ownAddison, S. et al. | 2001
- 53
-
Features - Risk and Governance Issues for ERP Enterprise Applications - While ERP applications can resolve a number of control issues associated with a fragmented legacy systems environment, not surprisingly, they can introduce new risks of their own.Addison, Stephen et al. | 2001
- 53
-
CPE Quiz #131 Based on Volume 1, 2010Chan, Sally et al. | 2010
- 53
-
Quiz #143 - Based on Volume 2, 2012Chan, Sally et al. | 2012
- 53
-
CPE QUIZ #149 - Based on Volume 2, 2013Chan, Sally et al. | 2013
- 53
-
CPE Quiz #137 - Based on Volume 2, 2011Chan, Sally et al. | 2011
- 54
-
Inseguridad Informatica y Computacion Anti-forense: Dos Conceptos Emergentes en Seguridad de la InformacionCano, J. J. et al. | 2007
- 54
-
Evaluating the Potential Technology Impact of IFRSBastos, Rui et al. | 2009
- 54
-
Inseguridad Informática y Computación Anti-forense: Dos Conceptos Emergentes en Seguridad de la InformaciónCano, Jeimy J. et al. | 2007
- 54
-
IT Governance Roundtable: Boston, November 2007| 2008
- 55
-
Standards, Guidelines, Tools and Techniques| 2011
- 55
-
Standards, Guidelines, Tools and Techniques: ISACA Member and Certification Holder Compliance| 2010
- 55
-
Features - Banks and the Possibilities of E-commerce - As many banks in the world have begun using the Internet in business, often e-commerce is confused with Internet banking. Internet banking should be interpreted as a part of the strategy of e-commerce.González, Marcelo Hector et al. | 2001
- 55
-
Banks and the Possibilities of E-commerce As many banks in the world have begun using the Internet in business, often e-commerce is confused with Internet banking. Internet banking should be interpreted as a part of the strategy of e-commerceGonzalez, M. H. et al. | 2001
- 56
-
Using COBIT and the Balanced Scorecard as Instruments for Service Level ManagementGrembergen, Wim Van et al. | 2003
- 57
-
Help Source - Help Source Q&ASubramaniam, B.Ganapathi et al. | 2004
- 57
-
CPE Quiz #155 - Based on Volume 2, 2014 — The IS Audit TransformationChan, Sally et al. | 2014
- 59
-
CPE Quiz #101 - Based on Volume 2, 2005Khan, Kamal et al. | 2005
- 59
-
CPE Quiz #113 - Based on Volume 2, 2007Khan, Kamal et al. | 2007
- 59
-
CPE Quiz #119 - Based on Volume 2, 2008Chan, Sally et al. | 2008
- 59
-
CPE Quiz #94, based on volume 1, 2004Oringel, Joe et al. | 2004
- 59
-
CPE Quiz #125 - Based on Volume 2, 2009Chan, Sally et al. | 2009
- 60
-
Plus - CE Quiz #77, Based on Volume 2, 2001Oringel, Joey et al. | 2001
- 63
-
CPE Quiz #87, based on volume 6, 2002Oringel, Joe et al. | 2003
- 65
-
Plus - CE Quiz #83, Based on Volume 2, 2002Oringel, Joey et al. | 2002
-
Plus - ISACA Bookstore Price List Supplement| 2001
-
ISACA Bookstore Price List Supplement| 2006
-
Plus - ISACA Bookstore Offerings - Supplement| 2000
-
ISACA Bookstore Supplement| 2013